Abstract

Recent attempts to automate business processes and
medical-treatment processes have uncovered the need
for a formal framework that can accommodate not only
temporal constraints, but also observations and actions
with uncontrollable durations. To meet this need, this
paper defines a Conditional Simple Temporal Network
with Uncertainty (CSTNU) that combines the simple
temporal constraints from a Simple Temporal Network
(STN) with the conditional nodes from a Conditional
Simple Temporal Problem (CSTP) and the contingent
links from a Simple Temporal Network with Uncertainty
(STNU). A notion of dynamic controllability
for a CSTNU is defined that generalizes the dynamic
consistency of a CTP and the dynamic controllability
of an STNU. The paper also presents some sound
constraint-propagation rules for dynamic controllability
that are expected to form the backbone of a
dynamic-controllability-checking algorithm for CSTNUs.

Introduction and Motivation 

Workflow systems have been used to model business, manu- 
facturing and medical-treatment processes. However, as Bet- 
tini et al. (2002) observed: "It would greatly enhance the ca- 
pabilities of current workflow systems if quantitative tempo- 
ral constraints on the duration of activities and their synchro- 
nization requirements can be specified and reasoned about." 
Toward that end, Combi et al. (2007; 2009; 2010) presented 
a new workflow model that accommodates the following key 
features: tasks with uncertain/uncontrollable durations; tem- 
poral constraints among tasks; and branching paths, where 
the branch taken is not known in advance. Fig. 1 shows a 
sample workflow from the health-care domain, similar to 
one presented by Combi and Posenato (2009). In this work- 
flow, all times are in minutes, and: 

• tasks are represented by rounded boxes;

• branching points are represented by nine-sided boxes
called split or join connectors¹;

• tasks and connectors have duration attributes, [x, y];

¹ Combi and Posenato (2009) used diamonds for connectors.

Figure 1: A sample workflow



• the flow, represented by solid arrows moving downward,
specifies a partial order among tasks and connectors;

• intervals between consecutive tasks or connectors, called
delays, are bounded by intervals of the form [x, y];

• additional temporal constraints are represented by dashed 
arrows, also labeled by intervals of the form [x, y]. 

The S and E notations on temporal constraints are used to
indicate whether a constraint applies to the starting or ending
times of the tasks/connectors it links. For example, the
notation S[136, 150]E on the arrow from T4 to T5 indicates
that the duration of the interval from the start of T4 to the
end of T5 must be in the range [136, 150].
The tasks and their uncontrollable durations are: 

T1: Pre-hospital issues, 2-4 min.

T2: Initial patient evaluation, 5-20 min. 

T3: Percutaneous Coronary Intervention, 25^5 min. 

T4: Reperfusion Fibrinolytic therapy, 80-90 min. 

T5: Ancillary therapy, 10-20 min. 

The semantics of execution for workflows stipulates that: 



• The agent is free to choose starting times for all tasks, but 
does not control their durations; instead, the agent merely 
observes the durations of tasks in real time. 

• The agent is free to choose starting and ending times for 
all connectors, but does not control which branch a split 
connector will follow; instead, the agent merely observes 
which branch is followed in real time.²

If a workflow admits a strategy for executing its tasks and 
connectors such that 

• its execution decisions depend only on past observations
of task durations and branch directions; and

• all delays and temporal constraints are guaranteed to be 
satisfied no matter how the task durations turn out and no 
matter which branches are taken, 

then that workflow is said to be history-dependent control- 
lable (Combi and Posenato 2009; 2010). The workflow in 
Fig. 1 is history-dependent controllable. A successful strat- 
egy must restrict the interval for B2 to be [32,42] if the 
branch containing task T4 was taken, or [1,31] if the branch 
containing task T3 was taken. Combi and Posenato (2010) 
presented an exponential-time algorithm for determining 
whether any workflow is history-dependent controllable. 

The rest of this paper introduces a Conditional Simple 
Temporal Network with Uncertainty (CSTNU) that provides 
a formal representation for the time-points and temporal 
constraints underlying workflows. A CSTNU is shown to 
generalize three existing kinds of temporal networks from 
the literature. Similarly, the concept of dynamic controllabil- 
ity for a CSTNU is shown to generalize analogous concepts 
for existing kinds of networks, while also being related to 
the history-dependent controllability for a workflow. 

Related Temporal Networks 

This section summarizes three kinds of temporal networks
from the literature: Simple Temporal Networks, Conditional
Simple Temporal Problems, and Simple Temporal Networks
with Uncertainty. For convenience, we replace the Conditional
Simple Temporal Problem with an equivalent alternative:
the Conditional Simple Temporal Network.

Simple Temporal Networks 

Definition 1 (STN). (Dechter, Meiri, and Pearl 1991) A
Simple Temporal Network (STN) is a pair, $(\mathcal{T}, \mathcal{C})$, where $\mathcal{T}$
is a set of real-valued variables, called time-points, and $\mathcal{C}$ is a
set of binary constraints, called simple temporal constraints.
Each constraint in $\mathcal{C}$ has the form, $Y - X \le \delta$, where $X$
and $Y$ are any time-points in $\mathcal{T}$, and $\delta$ is any real number. A
solution to the STN, $(\mathcal{T}, \mathcal{C})$, is a complete set of assignments
to the variables in $\mathcal{T}$ that satisfy all of the constraints in $\mathcal{C}$.

Conditional Simple Temporal Networks 

A Conditional Simple Temporal Problem (CSTP) augments
an STN to include observation time-points (or observation
nodes) (Tsamardinos, Vidal, and Pollack 2003). Each observation
time-point has a proposition associated with it. When
the observation time-point is executed, the truth-value of its
associated proposition becomes known. In addition, each
time-point has a label that restricts the scenarios in which
that time-point can be executed. For example, a label, $A \neg B$,
on a time-point would indicate that that time-point could
only be executed in scenarios where the proposition A was
true and B was false.

² This paper restricts attention to conditional connectors. Combi
and Posenato (2009) discuss additional kinds of connectors.

Although not included in the formal definition, the authors 
made the following reasonability assumptions about CSTPs: 

(A1) A CSTP should not include any constraint relating
time-points whose labels are inconsistent.

(A2) If the label on some time-point T includes a proposition
Q, then the observation node, $T_Q$, associated with
Q must be executed in all cases in which T is executed,
and $T_Q$ must be executed before T (i.e., $T_Q < T$).³

This section defines a Conditional Simple Temporal Network
(CSTN), which is the same as a CSTP except that:

• the CSTN definition explicitly incorporates the reasonability
assumptions (A1) and (A2) (cf. conditions WD1
and WD2 in Defn. 4, below); and

• each constraint in a CSTN has a label associated with it
that subsumes the labels of the time-points it constrains
(cf. conditions WD1 and WD3 in Defn. 4, below).

Putting labels on the constraints will facilitate the propaga- 
tion of constraints, as is discussed later on. 

Definition 2 (Label, Label Universe). Given a set P of 
propositional letters, a label is any (possibly empty) con- 
junction of (positive or negative) literals from P. For conve- 
nience, the empty label is denoted by □. The label universe 
of P, denoted by P*, is the set of all labels whose literals 
are drawn from P. 

For example, if $P = \{A, B\}$, then

$P^* = \{\Box, A, B, \neg A, \neg B, AB, A\neg B, \neg AB, \neg A\neg B\}$.

Definition 3 (Consistent labels, label subsumption). 

• Two labels, $\ell_1$ and $\ell_2$, are called consistent, denoted by
$Con(\ell_1, \ell_2)$, if and only if $\ell_1 \wedge \ell_2$ is satisfiable.

• A label $\ell_1$ subsumes a label $\ell_2$, denoted by $Sub(\ell_1, \ell_2)$,
if and only if $\models (\ell_1 \Rightarrow \ell_2)$.

To facilitate comparison with the definition of a CSTP,
which is not repeated here due to space limitations, the order
of arguments in a CSTN is the same as in a CSTP.

Definition 4 (CSTN). A Conditional Simple Temporal Network
(CSTN) is a tuple, $(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$, where:

• $\mathcal{T}$ is a finite set of real-valued time-points;

• $P$ is a finite set of propositional letters (or propositions);

• $L : \mathcal{T} \to P^*$ is a function that assigns a label to each
time-point in $\mathcal{T}$;

• $\mathcal{OT} \subseteq \mathcal{T}$ is a (finite) set of observation time-points;

• $\mathcal{O} : P \to \mathcal{OT}$ is a bijection that associates a unique
observation time-point to each propositional letter;

• $\mathcal{C}$ is a set of labeled simple temporal constraints, each
having the form, $(Y - X \le \delta, \ell)$, where $X, Y \in \mathcal{T}$, $\delta$ is
a real number, and $\ell \in P^*$;

(WD1) for any labeled constraint, $(Y - X \le \delta, \ell) \in \mathcal{C}$, the
label $\ell$ is satisfiable and subsumes both $L(X)$ and $L(Y)$;

(WD2) for each $p \in P$, and each $T \in \mathcal{T}$ for which either
$p$ or $\neg p$ appears in $T$'s label,

◦ $Sub(L(T), L(\mathcal{O}(p)))$, and

◦ $(\mathcal{O}(p) - T \le -\epsilon, L(T)) \in \mathcal{C}$, for some $\epsilon > 0$; and

(WD3) for each labeled constraint, $(Y - X \le \delta, \ell)$, and
for each $p \in P$ for which either $p$ or $\neg p$ appears in $\ell$,

◦ $Sub(\ell, L(\mathcal{O}(p)))$.

³ Simple temporal constraints do not allow for strict inequalities
such as $Y < X$; however, in practice, a constraint such as
$Y - X \le -\epsilon$, for some small $\epsilon > 0$, achieves the desired effect.
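
The label operations of Defns. 2 and 3 and the well-definedness conditions WD1 to WD3 of Defn. 4 can be checked mechanically. The following Python sketch is an added example, not code from the paper; the dictionary encoding of labels, the function names and the small network are assumptions made for illustration.

```python
from itertools import product

# A label is a dict {letter: bool}; the empty dict is the empty label.
# This encoding (an assumption of the example) cannot hold both p and not-p,
# so every label it represents is satisfiable.

def label_universe(letters):
    """P*: each letter is absent, positive or negative in a label."""
    return [{p: v for p, v in zip(letters, choice) if v is not None}
            for choice in product((None, True, False), repeat=len(letters))]

def con(l1, l2):
    """Con(l1, l2): l1 AND l2 is satisfiable (no letter with opposite signs)."""
    return all(l2.get(p, v) == v for p, v in l1.items())

def sub(l1, l2):
    """Sub(l1, l2): l1 entails l2, i.e. every literal of l2 occurs in l1."""
    return all(l1.get(p) == v for p, v in l2.items())

def wd_violations(L, O, C):
    """Check WD1-WD3 of Defn. 4 and return the violations found.

    L: time-point -> label; O: letter -> observation time-point;
    C: list of (Y, X, delta, label), read as (Y - X <= delta, label).
    """
    bad = []
    for (Y, X, d, lab) in C:
        # WD1: the constraint label subsumes the labels of both time-points.
        if not (sub(lab, L[X]) and sub(lab, L[Y])):
            bad.append(("WD1", (Y, X, d)))
        # WD3: it also subsumes the label of each observation node it relies on.
        for p in lab:
            if not sub(lab, L[O[p]]):
                bad.append(("WD3", (Y, X, d, p)))
    for T, lab in L.items():
        for p in lab:
            obs = O[p]
            # WD2, first part: Sub(L(T), L(O(p))).
            if not sub(lab, L[obs]):
                bad.append(("WD2", (T, p, "label")))
            # WD2, second part: (O(p) - T <= -eps, L(T)) is in C for some eps > 0.
            if not any(y == obs and x == T and d < 0 and l == lab
                       for (y, x, d, l) in C):
                bad.append(("WD2", (T, p, "order")))
    return bad

# Constructed network: Op observes p, X runs only if p, W only if not p.
L = {"Z": {}, "Op": {}, "X": {"p": True}, "W": {"p": False}}
O = {"p": "Op"}
GOOD = [
    ("Op", "X", -1, {"p": True}),    # Op - X <= -1: Op strictly before X
    ("Op", "W", -1, {"p": False}),   # Op - W <= -1: Op strictly before W
    ("X", "Z", 10, {"p": True}),     # X - Z <= 10
]
# A constraint between X and W, whose labels are inconsistent (ruled out by A1):
BAD = GOOD + [("X", "W", 5, {})]

if __name__ == "__main__":
    print(len(label_universe(["A", "B"])))   # size of P* for P = {A, B}
    print(wd_violations(L, O, GOOD))
    print(wd_violations(L, O, BAD))
```
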

The following definitions will facilitate the proofs of the
subsequent lemmas.

Definition 5 ($\mathcal{C}_\Box$, $L_\Box$ and $\mathcal{O}_\emptyset$).

• If $\mathcal{C}$ is a set of simple temporal constraints, then $\mathcal{C}_\Box$ is the
corresponding set of labeled simple temporal constraints,
where each constraint is labeled by the empty label, □. In
particular, $\mathcal{C}_\Box = \{(Y - X \le \delta, \Box) \mid (Y - X \le \delta) \in \mathcal{C}\}$.

• For any set $\mathcal{T}$ of time-points, $L^{\mathcal{T}}_\Box$ denotes the labeling
function that assigns the empty label to each time-point.
Thus, $L^{\mathcal{T}}_\Box(T) = \Box$ for all $T \in \mathcal{T}$. When the context
allows, we may write $L_\Box$ instead of $L^{\mathcal{T}}_\Box$.

• $\mathcal{O}_\emptyset$ denotes the unique function whose domain and range
are both empty. Thus, $\mathcal{O}_\emptyset : \emptyset \to \emptyset$.

The following lemmas show that any STN or CSTP can 
be embedded within a CSTN. 

Lemma 1. Let $(\mathcal{T}, \mathcal{C})$ be any STN. Then
$(\mathcal{T}, \mathcal{C}_\Box, L_\Box, \emptyset, \mathcal{O}_\emptyset, \emptyset)$ is a CSTN.

Proof. We need only check that the conditions WD1, WD2
and WD3 from the definition of a CSTN are satisfied. WD2
and WD3 are trivially satisfied since $P = \emptyset$. As for WD1,
each constraint in $\mathcal{C}_\Box$ has □ as its label, which is satisfiable.
Furthermore, $L_\Box$ assigns the empty label to every node.
Thus, the empty label on each constraint trivially subsumes
the empty label on the relevant nodes. □

Lemma 2 (Any CSTP is a CSTN). Let $(V, E, L, OV, O, P)$
be any CSTP, as defined by Tsamardinos et al. (2003), that
satisfies the reasonability assumptions, A1 and A2. Let
$S = (V, \mathcal{C}, L, OV, O, P)$, where:⁴

$\mathcal{C} = \bigcup_{(a \le Y - X \le b) \in E} \{(a \le Y - X \le b, \; L(X) \wedge L(Y))\}$

Then $S$ is a CSTN.

Proof. Conditions WD1, WD2 and WD3 in the definition
of a CSTN (Defn. 4) are satisfied as follows.

(WD1) Each labeled constraint in $\mathcal{C}$ has the form,
$(V - U \le \delta, L(U) \wedge L(V))$. Note that $L(U) \wedge L(V)$ subsumes both
$L(U)$ and $L(V)$. Furthermore, by assumption A1, $L(U)$
and $L(V)$ must be mutually satisfiable.

(WD2) WD2 is simply a restatement of assumption A2.

(WD3) Each constraint in $\mathcal{C}$ has the form, $(V - U \le \delta, \ell)$,
where $\ell = L(U) \wedge L(V)$. By WD2, $L(U)$ must subsume
$L(O(p))$. But then $\ell$ does too. □

⁴ For convenience, we use the expression, $a \le Y - X \le b$, to
represent the pair of constraints, $Y - X \le b$ and $X - Y \le -a$.

Simple Temporal Networks with Uncertainty 

A Simple Temporal Network with Uncertainty (STNU) augments
an STN to include a set, $\mathcal{L}$, of contingent links (Morris,
Muscettola, and Vidal 2001). Each contingent link has
the form, $(A, x, y, C)$, where $A$ and $C$ are time-points, and
$0 < x < y < \infty$. $A$ is called the activation time-point; $C$ is
called the contingent time-point. An agent typically activates
a contingent link by executing $A$. After doing so, the execution
of $C$ is out of the agent's control; however, $C$ is guaranteed
to execute such that the temporal difference, $C - A$, is
between $x$ and $y$. Contingent links are used to represent actions
with uncertain durations; the agent initiates the action,
but then merely observes its completion in real time.

Definition 6 (STNU). A Simple Temporal Network with
Uncertainty (STNU) is a triple, $(\mathcal{T}, \mathcal{C}, \mathcal{L})$, where:

• $(\mathcal{T}, \mathcal{C})$ is an STN; and

• $\mathcal{L}$ is a set of contingent links, each having the form,
$(A, x, y, C)$, where $A$ and $C$ are distinct time-points in $\mathcal{T}$,
$0 < x < y < \infty$, and:

◦ for each $(A, x, y, C) \in \mathcal{L}$, $\mathcal{C}$ contains the constraints,
$(x \le C - A \le y)$ (cf. Footnote 4);

◦ if $(A_1, x_1, y_1, C_1)$ and $(A_2, x_2, y_2, C_2)$ are distinct
contingent links in $\mathcal{L}$, then $C_1$ and $C_2$ are distinct
time-points; and

◦ the contingent time-point for one contingent link may
serve as the activation time-point for another (thus,
contingent links may form chains or trees); however,
contingent links may not form loops.

As will be seen, the semantics for contingent links is built 
into the definition of dynamic controllability. 

Note that if $(\mathcal{T}, \mathcal{C})$ is an STN, then $(\mathcal{T}, \mathcal{C}, \emptyset)$ is an STNU.

Conditional STNs with Uncertainty 

This section introduces a Conditional STN with Uncertainty 
(CSTNU) which combines features of CSTNs and STNUs. 

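Definition 7 ($\lfloor\mathcal{C}\rfloor$). If $\mathcal{C}$ is a set of labeled constraints of the
form, $(Y - X \le \delta, \ell)$, then $\lfloor\mathcal{C}\rfloor$ is the corresponding set of
unlabeled constraints:

$\lfloor\mathcal{C}\rfloor = \{(Y - X \le \delta) \mid (Y - X \le \delta, \ell) \in \mathcal{C} \text{ for some } \ell\}$.

Definition 8 (CSTNU). A Conditional STN with Uncertainty
(CSTNU) is a tuple, $(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P, \mathcal{L})$, where:

• $(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ is a CSTN;

• $(\mathcal{T}, \lfloor\mathcal{C}\rfloor, \mathcal{L})$ is an STNU; and

• for each $(A, x, y, C) \in \mathcal{L}$, $L(A) = L(C)$, and $\mathcal{C}$ contains
the labeled constraints, $(x \le C - A \le y, L(A))$.⁵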

The following lemmas show that any STNU or CSTN can 
be embedded within a CSTNU. 

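Lemma 3. If $(\mathcal{T}, \mathcal{C}, \mathcal{L})$ is an STNU, then
$(\mathcal{T}, \mathcal{C}_\Box, L_\Box, \emptyset, \mathcal{O}_\emptyset, \emptyset, \mathcal{L})$ is a CSTNU.

Proof. Let $(\mathcal{T}, \mathcal{C}, \mathcal{L})$ be any STNU. Then $(\mathcal{T}, \mathcal{C})$ is an STN.
By Lemma 1, $(\mathcal{T}, \mathcal{C}_\Box, L_\Box, \emptyset, \mathcal{O}_\emptyset, \emptyset)$ is a CSTN. In addition,
since $\lfloor\mathcal{C}_\Box\rfloor$ is necessarily the same as $\mathcal{C}$, $(\mathcal{T}, \lfloor\mathcal{C}_\Box\rfloor, \mathcal{L})$ must
be an STNU. Finally, for each $(A, x, y, C) \in \mathcal{L}$, $\mathcal{C}$ contains
the constraints, $(x \le C - A \le y)$, which implies that
$\mathcal{C}_\Box$ contains the labeled constraints, $(x \le C - A \le y, \Box)$.
Since $L_\Box$ assigns the empty label to each node, the last
condition of Defn. 8 is satisfied. □

⁵ $(x \le C - A \le y, L(A))$ is shorthand for the pair of labeled
constraints, $(A - C \le -x, L(A))$ and $(C - A \le y, L(A))$.

Figure 2: The CSTNU for the workflow in Fig. 1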

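Lemma 4. If $(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ is a CSTN, then
$(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P, \emptyset)$ is a CSTNU.

Proof. Let $(\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ be any CSTN. Then
$(\mathcal{T}, \lfloor\mathcal{C}\rfloor)$ is an STN, whence $(\mathcal{T}, \lfloor\mathcal{C}\rfloor, \emptyset)$ is an STNU. Since
$\mathcal{L}$ is empty, the last condition of Defn. 8 is satisfied. □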

The CSTNU Underlying a Workflow

Recall the sample workflow from Fig. 1. This workflow has 
an underlying CSTNU that is derived by 

• replacing each task with a corresponding contingent link; 

• replacing each split connector by a pair of (starting and
ending) time-points, linked by a duration constraint, and
where the ending time-point is an observation node for a
proposition whose possible values correspond to the different
branching decisions; and

• replacing each join connector by a pair of time-points,
linked by a duration constraint.

Fig. 2 shows the CSTNU underlying the workflow from
Fig. 1. In this CSTNU, each contingent link from $A_i$ to $C_i$
corresponds to the task $T_i$ from the workflow; and observation
nodes are circled. Note that the branch containing task
T4 is labeled by $P$, whereas the alternative branch containing
task T3 is labeled by $\neg P$. Similarly, the branch containing
task T5 is labeled by $Q$, and the alternative branch is labeled
by $\neg Q$. Note, too, that labels on edges subsume the labels
on the time-points they connect. Dashed edges are kept
dashed to facilitate comparison with the workflow in Fig. 1.

Dynamic Controllability 

This section combines the semantics of CSTNs and STNUs 
to generate a definition for the dynamic controllability of a 
CSTNU. Because the semantics for the corresponding no- 
tions involve similar definitions, in some cases the various 
terms, such as history or dynamic will be given prefixes 
or superscripts to indicate the kinds of networks or situa- 
tions/scenarios they apply to. In addition, we use the term, 
history, instead of pre-history, for convenience. 

Dynamic Consistency of CSTNs 

A CSTP is called dynamically consistent if there exists a 
strategy for executing its time-points that guarantees the sat- 
isfaction of all relevant constraints no matter how the truth 
values of the various observations turn out (Tsamardinos, 
Vidal, and Pollack 2003). The strategy is dynamic in that its 
execution decisions can react to past observations, but not 
those in the future. This section defines the dynamic consis- 
tency of a CSTN in an equivalent way; however, for conve- 
nience, there are some superficial differences in notation and 
organization. Afterward, we provide a second characteriza- 
tion of the dynamic property that will be useful later on. 

Definition 9 (Scenario/Interpretation Function). A scenario
(or interpretation function) over a set $P$ of propositional letters
is a function, $s : P \to \{true, false\}$, that assigns a truth
value to each letter in $P$.⁶ As is standard practice in propositional
logic, any interpretation function can be extended to
provide the truth value for every possible formula involving
the letters in $P$. Thus, any interpretation function, $s$, can provide
the truth value of each label involving letters in $P$. For
any label, $\ell$, the truth value of $\ell$ in the scenario, $s$, is denoted
by $s(\ell)$. Let $\mathcal{I}_P$ (or simply $\mathcal{I}$) denote the set of all interpretation
functions (or complete execution scenarios) over $P$.

Definition 10 (Schedule). A schedule for a set of time-points
$\mathcal{T}$ is a mapping, $\psi : \mathcal{T} \to \mathbb{R}$, that assigns a real number
to each time-point in $\mathcal{T}$. The set of all schedules for any
subset of $\mathcal{T}$ is denoted by $\Psi_{\mathcal{T}}$ (or $\Psi$ if the context allows).

Below, the projection of a CSTN, $S$, onto a scenario, $s$,
is defined to be the STN that contains all of the time-points
and constraints from $S$ whose labels are true under $s$ (i.e.,
the time-points that must be executed under $s$, and the
constraints that must be satisfied under $s$).

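Definition 11 (Scenario Projection for a CSTN). Let
$S = (\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ be any CSTN, and $s$ any interpretation
function (i.e., complete scenario) for the letters in
$P$. The projection of $S$ onto the scenario $s$, denoted by
$scPrj(S, s)$, is the STN, $(\mathcal{T}_s^+, \mathcal{C}_s^+)$, where:

• $\mathcal{T}_s^+ = \{T \in \mathcal{T} : s(L(T)) = true\}$; and

• $\mathcal{C}_s^+ = \{(Y - X \le \delta) \mid \text{for some } \ell,\ (Y - X \le \delta, \ell) \in \mathcal{C} \text{ and } s(\ell) = true\}$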

⁶ Unlike the prior work on CSTPs, we restrict attention to complete
scenarios because the subsequent definition of a history requires
a scenario to entail the outcome of all past observations.



Recall that condition WD1 from the definition of a CSTN
stipulates that the label on any constraint must subsume the
labels on the time-points it connects. Thus, for any constraint
in $\mathcal{C}_s^+$, the time-points it connects must belong to the set $\mathcal{T}_s^+$.

Definition 12 (Execution Strategy for a CSTN). Let
$S = (\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ be any CSTN. An execution strategy
for $S$ is a mapping, $\sigma : \mathcal{I} \to \Psi_{\mathcal{T}}$, such that for each scenario,
$s \in \mathcal{I}$, the domain of $\sigma(s)$ is $\mathcal{T}_s^+$ (cf. Defn. 11). If,
in addition, for each scenario, $s$, the schedule $\sigma(s)$ is a solution
to the scenario projection, $scPrj(S, s)$, then $\sigma$ is called
viable. In any case, the execution time for the time-point $X$
in the schedule $\sigma(s)$ is denoted by $[\sigma(s)]_X$.

Below, the history of a time-point, $X$, relative to a scenario,
$s$, and strategy, $\sigma$, is defined to be the set of observations
made before the time at which $X$ is executed according
to the schedule, $\sigma(s)$ (i.e., before the time $[\sigma(s)]_X$).⁷

Definition 13 (Scenario history for a CSTN). Let
$S = (\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ be any CSTN, $s$ any scenario, $\sigma$ any
execution strategy for $S$, and $X$ any time-point in $\mathcal{T}_s^+$ (cf.
Defn. 11). The history of $X$ in the scenario $s$, for the strategy
$\sigma$, denoted by $scHst(X, s, \sigma)$, is given by:

$scHst(X, s, \sigma) = \{(p, s(p)) \mid \mathcal{O}(p) \in \mathcal{T}_s^+ \text{ and } [\sigma(s)]_{\mathcal{O}(p)} < [\sigma(s)]_X\}$

Note that any scenario history determines a corresponding
label whose (positive or negative) literals are in a one-to-one
correspondence with the observations, $(p, s(p))$, in the history.
Thus, we may sometimes (e.g., in the next definition)
treat a scenario history as though it were a label.

Below, an execution strategy is called dynamic if the
schedules it generates always assign the same execution time
to any time-point $X$ in scenarios that cannot be distinguished
prior to that time.⁸

Definition 14 (Dynamic Execution Strategy for a CSTN).
An execution strategy, $\sigma$, for a CSTN is called dynamic if
for all scenarios, $s_1$ and $s_2$, and any time-point $X$:

if $Con(s_1, scHst(X, s_2, \sigma))$, then $[\sigma(s_1)]_X = [\sigma(s_2)]_X$.

Definition 15 (Dynamic Consistency for a CSTN). A CSTN 
is called dynamically consistent if there exists an execution 
strategy for it that is both viable and dynamic. 

The following definitions and lemma provide an equiv- 
alent, alternative characterization of a dynamic execution 
strategy for a CSTN. First, a scenario history relative to a 
numerical time — not a time-point variable — is defined. 

Definition 16 (Scenario History* for a CSTN). Let
$S = (\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P)$ be any CSTN, $s$ any scenario, $\sigma$ any
execution strategy for $S$, and $t$ any real number. The history*
of $t$ in the scenario $s$, for the strategy $\sigma$, denoted by
$scHst^*(t, s, \sigma)$, is the set of all observations made before
time $t$ according to the schedule, $\sigma(s)$. In particular:

$scHst^*(t, s, \sigma) = \{(p, s(p)) \mid \mathcal{O}(p) \in \mathcal{T}_s^+ \text{ and } [\sigma(s)]_{\mathcal{O}(p)} < t\}$

Note that for all time-points $X$, scenarios $s$, and strategies $\sigma$,

$scHst(X, s, \sigma) = scHst^*([\sigma(s)]_X, s, \sigma)$.

⁷ Tsamardinos et al. (2003) define (pre)histories for arbitrary
schedules, whereas here we restrict attention to schedules of the
form, $\sigma(s)$, where $\sigma$ is an execution strategy and $s$ is a scenario.

⁸ Tsamardinos et al. (2003) include a disjunctive condition,
$Con(s_1, scHst(X, s_2, \sigma)) \vee Con(s_2, scHst(X, s_1, \sigma))$. However,
since $s_1$ and $s_2$ play symmetric roles in the two disjuncts,
and since $s_1$ and $s_2$ are both universally quantified (cf. Defn. 14),
it suffices to include just one of the disjuncts.

Definition 17 (Dynamic* Execution Strategy for a CSTN).
An execution strategy, $\sigma$, for a CSTN is called dynamic* if
for any scenarios, $s_1$ and $s_2$, and any time-point, $X$:

if $scHst^*([\sigma(s_1)]_X, s_1, \sigma) = scHst^*([\sigma(s_1)]_X, s_2, \sigma)$,
then $[\sigma(s_1)]_X = [\sigma(s_2)]_X$.

Notice that in this definition, the two histories, one relative
to $s_1$, the other to $s_2$, are taken with respect to the same
(numeric) time, $[\sigma(s_1)]_X$. If the strategy $\sigma$ yields schedules
for $s_1$ and $s_2$ that have identical histories prior to that one
time, then those schedules must assign the same value to $X$.

Lemma 5. An execution strategy $\sigma$ for a CSTN is dynamic
if and only if it is dynamic*.

Proof.

($\Rightarrow$) Suppose $\sigma$ is a dynamic execution strategy for some
CSTN. Let $s_1$ and $s_2$ be any scenarios, and $X$ any time-point
such that $scHst^*(t_1, s_1, \sigma) = scHst^*(t_1, s_2, \sigma)$,
where $t_1 = [\sigma(s_1)]_X$. Now $s_2$ must be consistent with
$scHst^*(t_1, s_2, \sigma)$, since the observations contained in that
history are a subset of the observations in $s_2$. Thus,
$s_2$ is consistent with $scHst^*(t_1, s_1, \sigma)$, which equals
$scHst(X, s_1, \sigma)$. Thus, since $\sigma$ is dynamic, we must have
that $[\sigma(s_1)]_X = [\sigma(s_2)]_X$. Thus, $\sigma$ is dynamic*.

($\Leftarrow$) Suppose $\sigma$ is a dynamic* execution strategy for some
CSTN. Let $s_1$ and $s_2$ be any scenarios, and $X$ any time-point
such that $Con(s_1, scHst(X, s_2, \sigma))$. Suppose that
$[\sigma(s_1)]_X \ne [\sigma(s_2)]_X$. Let $t \in \mathbb{R}$ be the first time at
which the schedules $\sigma(s_1)$ and $\sigma(s_2)$ diverge. Then,
$t < \min\{[\sigma(s_1)]_X, [\sigma(s_2)]_X\}$; and there must be some time-point
$Y$ that is executed at time $t$ in one scenario, and at
some later time in the other scenario.
By construction, $t < [\sigma(s_2)]_X$. Thus, $scHst^*(t, s_2, \sigma) \subseteq
scHst^*([\sigma(s_2)]_X, s_2, \sigma) = scHst(X, s_2, \sigma)$. Thus,
since $Con(s_1, scHst(X, s_2, \sigma))$, it follows that
$Con(s_1, scHst^*(t, s_2, \sigma))$. And since $s_1$ is a complete
scenario, the observations in $scHst^*(t, s_2, \sigma)$ must
be a subset of the "observations" in $s_1$. And since,
by construction, the schedules, $\sigma(s_1)$ and $\sigma(s_2)$, are
identical prior to time $t$, it follows that the observations in
the two histories, $scHst^*(t, s_1, \sigma)$ and $scHst^*(t, s_2, \sigma)$,
involve the same sets of observation time-points
with identical outcomes (i.e., truth values). Thus,
$scHst^*(t, s_1, \sigma) = scHst^*(t, s_2, \sigma)$, whence the property
of $\sigma$ being dynamic* implies that $[\sigma(s_1)]_Y = [\sigma(s_2)]_Y$,
contradicting the choice of $Y$. Thus, it must be that the
schedules, $\sigma(s_1)$ and $\sigma(s_2)$ diverge, if at all, after the
execution of $X$, in which case, $[\sigma(s_1)]_X = [\sigma(s_2)]_X$.
Thus, $\sigma$ is dynamic. □

Dynamic Controllability of STNUs

Morris et al. (2001) call an STNU dynamically controllable
if there exists a strategy for executing its time-points that
guarantees the satisfaction of all constraints in the network
no matter how the durations of the contingent links turn out.
The strategy is dynamic in that its execution decisions can
react to observations of contingent links that have already
completed, but not to those that have yet to complete.

This section presents a sequence of definitions that culminate
in the definition of the dynamic controllability of an
STNU. Most of the definitions are from Morris et al. (2001),
albeit with some slight differences in notation, but history*
and dynamic* are from Hunsberger (2009). Parallels between
the definitions in this section and those from the preceding
section are highlighted along the way.

Analogous to a scenario for a CSTN, which specifies the 
truth value for each proposition, a situation for an STNU 
specifies fixed durations for all of the contingent links. 

Definition 18 (Situations). Let $S$ be an STNU having the
$k$ contingent links, $(A_1, x_1, y_1, C_1), \ldots, (A_k, x_k, y_k, C_k)$,
with respective duration ranges, $[x_1, y_1], \ldots, [x_k, y_k]$. Then
$\Omega_S = [x_1, y_1] \times \ldots \times [x_k, y_k]$ is called the space of situations
for $S$. Any $\omega = (d_1, \ldots, d_k) \in \Omega_S$ is called a situation.
When context allows, we may write $\Omega$ instead of $\Omega_S$.

Schedules for STNUs are defined the same way as for 
CSTNs, except that the domain for each schedule must be 
the entire set of time-points, T. 

The projection of a CSTN onto a scenario yields an STN 
by fixing the truth value of each propositional letter and re- 
stricting attention to those time-points and constraints whose 
labels are true according to that scenario. Analogously, the 
projection of an STNU onto a situation yields an STN by 
fixing the duration of each contingent link. 

Definition 19 (Situation Projection for an STNU). Suppose
$S = (\mathcal{T}, \mathcal{C}, \mathcal{L})$ is an STNU and $\omega = (d_1, \ldots, d_k)$ is a situation.
The projection of $S$ onto the situation $\omega$, denoted by
$sitPrj(S, \omega)$, is the STN, $(\mathcal{T}, \mathcal{C}^{\omega})$, where:

$\mathcal{C}^{\omega} = \mathcal{C} \cup \{(d_i \le C_i - A_i \le d_i) \mid 1 \le i \le k\}$.

Definition 20 (Execution Strategy for an STNU). Let
$S = (\mathcal{T}, \mathcal{C}, \mathcal{L})$ be an STNU. An execution strategy for $S$ is a mapping,
$\sigma : \Omega \to \Psi_{\mathcal{T}}$, such that for each situation, $\omega \in \Omega$,
$\sigma(\omega)$ is a (complete) schedule for the time-points in $\mathcal{T}$. If, in
addition, for each situation, $\omega$, the schedule $\sigma(\omega)$ is a solution
for the situation projection, $sitPrj(S, \omega)$, then $\sigma$ is called viable.
In any case, the execution time for any time-point $X$ in
the schedule, $\sigma(\omega)$, is denoted by $[\sigma(\omega)]_X$.

Analogous to a scenario history* for a CSTN, a situation
history* for an STNU specifies the durations of all contingent
links that have finished executing prior to a (numeric)
time $t$ in a schedule $\sigma(\omega)$.

Definition 21 (Situation History* for an STNU). Let
$S = (\mathcal{T}, \mathcal{C}, \mathcal{L})$ be any STNU, $\sigma$ any execution strategy for $S$,
$\omega$ any situation, and $t$ any real number. The history*
of $t$ in the situation $\omega$, for the strategy $\sigma$, denoted by
$sitHst(t, \omega, \sigma)$, is the set:

$sitHst(t, \omega, \sigma) = \{(A, C, [\sigma(\omega)]_C - [\sigma(\omega)]_A) \mid
\exists x, y \text{ s.t. } (A, x, y, C) \in \mathcal{L} \text{ and } [\sigma(\omega)]_C < t\}$

The definition of the dynamic* property for an execution 
strategy for an STNU parallels that of the dynamic* property 
for an execution strategy for a CSTN. 



Definition 22 (Dynamic* Execution Strategy for an STNU).
An execution strategy, $\sigma$, for an STNU is called dynamic* if
for any situations, $\omega_1$ and $\omega_2$, and any non-contingent
time-point $X$:

if $sitHst([\sigma(\omega_1)]_X, \omega_1, \sigma) = sitHst([\sigma(\omega_1)]_X, \omega_2, \sigma)$,
then $[\sigma(\omega_1)]_X = [\sigma(\omega_2)]_X$.

Definition 23 (Dynamic Controllability for an STNU). An
STNU $S$ is called dynamically controllable if there exists an
execution strategy for $S$ that is both viable and dynamic*.

Dynamic Controllability of CSTNUs 

This section extends the notions of the dynamic consistency 
of a CSTN and the dynamic controllability of an STNU to 
generate a (novel) definition of the dynamic controllability 
of a CSTNU. To wit, a sequence of definitions is presented 
that parallels those of the preceding sections. 

A drama is a scenario/situation pair that specifies fixed 
truth values for all of the propositional letters and fixed du- 
rations for all of the contingent links. 

Definition 24 (Drama). Given a CSTNU $S$, a drama is any
pair $(s, \omega)$, where $s$ is a scenario, and $\omega$ is a situation. The
set of all dramas (for $S$) is $\mathcal{I} \times \Omega$.

Next, the projection of a CSTNU onto a drama, $(s, \omega)$, is
defined. The projection restricts attention to time-points and
constraints whose labels are true under the scenario $s$, while
also including constraints that force the contingent links to
take on the durations specified in the situation $\omega$.

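Definition 25 (Drama Projection for a CSTNU). Suppose
$S = (\mathcal{T}, \mathcal{C}, L, \mathcal{OT}, \mathcal{O}, P, \mathcal{L})$ is a CSTNU and $(s, \omega)$ is a
drama for $S$, where $\omega = (d_1, \ldots, d_k)$. The projection of $S$
onto the drama $(s, \omega)$, denoted by $drPrj(S, s, \omega)$, is the
STN, $(\mathcal{T}_s^+, \mathcal{C}_1 \cup \mathcal{C}_2)$, where:

• $\mathcal{T}_s^+ = \{T \in \mathcal{T} : s(L(T)) = true\}$

• $\mathcal{C}_1 = \{(Y - X \le \delta) \mid \text{for some } \ell,\ (Y - X \le \delta, \ell) \in \mathcal{C} \text{ and } s(\ell) = true\}$

• $\mathcal{C}_2 = \{(d_i \le C_i - A_i \le d_i) \mid (A_i, x_i, y_i, C_i) \in \mathcal{L} \text{ and } A_i, C_i \in \mathcal{T}_s^+\}$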
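
The drama projection of Defn. 25 combines the scenario projection of Defn. 11 with the situation projection of Defn. 19, and the resulting STN can be tested for a solution. The Python sketch below is an added example, not code from the paper: the network, the names and the use of Bellman-Ford negative-cycle detection as the STN consistency test are assumptions of the example, and only the endpoint durations of each contingent link are sampled. Every projection having a solution is necessary for a viable strategy to exist, but it does not by itself establish dynamic controllability.

```python
from itertools import product

def holds(label, s):
    """s(label): a label {letter: bool} is true in the complete scenario s."""
    return all(s[p] == v for p, v in label.items())

def drama_projection(L, C, links, s, omega):
    """drPrj(S, s, omega) as (time-points, [(Y, X, delta)]), Y - X <= delta.

    L: time-point -> label; C: list of (Y, X, delta, label);
    links: list of contingent links (A, x, y, C); omega: one duration per link.
    """
    tps = {T for T, lab in L.items() if holds(lab, s)}
    c1 = [(Y, X, d) for (Y, X, d, lab) in C if holds(lab, s)]
    c2 = []
    for (A, _x, _y, Cc), d in zip(links, omega):
        if A in tps and Cc in tps:
            c2 += [(Cc, A, d), (A, Cc, -d)]      # d <= C - A <= d
    return tps, c1 + c2

def stn_consistent(tps, cons):
    """An STN has a solution iff its distance graph has no negative cycle."""
    dist = {T: 0.0 for T in tps}                 # virtual source at distance 0
    for _ in range(len(tps)):
        changed = False
        for (Y, X, d) in cons:                   # edge X -> Y with weight d
            if dist[X] + d < dist[Y]:
                dist[Y] = dist[X] + d
                changed = True
        if not changed:
            return True
    return False                                 # still relaxing: negative cycle

def build(deadline):
    """Constructed CSTNU: O observes P; the link (A, 80, 90, C) runs only if P."""
    yes = {"P": True}
    L = {"Z": {}, "O": {}, "A": yes, "C": yes, "E": {}}
    C = [
        ("O", "Z", 5, {}), ("Z", "O", 0, {}),        # 0 <= O - Z <= 5
        ("O", "A", -1, yes), ("A", "O", 10, yes),    # 1 <= A - O <= 10
        ("C", "A", 90, yes), ("A", "C", -80, yes),   # 80 <= C - A <= 90
        ("C", "E", 0, yes),                          # C no later than E
        ("E", "O", deadline, {}), ("O", "E", -1, {}),  # 1 <= E - O <= deadline
    ]
    return L, C, [("A", 80, 90, "C")]

def inconsistent_dramas(L, C, links, letters):
    """Dramas (scenario, endpoint situation) whose projection has no solution."""
    bad = []
    for values in product((True, False), repeat=len(letters)):
        s = dict(zip(letters, values))
        for omega in product(*[(x, y) for (_a, x, y, _c) in links]):
            tps, cons = drama_projection(L, C, links, s, omega)
            if not stn_consistent(tps, cons):
                bad.append((tuple(sorted(s.items())), omega))
    return bad

if __name__ == "__main__":
    print(inconsistent_dramas(*build(100), ["P"]))
    print(inconsistent_dramas(*build(85), ["P"]))
```
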

Definition 26 (Execution Strategy for a CSTNU). Let
$S = (\mathcal{T}, P, L, \mathcal{OT}, \mathcal{O}, \mathcal{C}, \mathcal{L})$ be a CSTNU. An execution strategy
for $S$ is a mapping, $\sigma : (\mathcal{I} \times \Omega) \to \Psi_{\mathcal{T}}$, such that for each
drama, $(s, \omega)$, the domain of $\sigma(s, \omega)$ is $\mathcal{T}_s^+$. $\sigma$ is called viable
if for each drama, $(s, \omega)$, the schedule $\sigma(s, \omega)$ is a solution
to the projection, $drPrj(s, \omega)$. For any time-point $X$
and drama $(s, \omega)$, the execution time of $X$ in the schedule,
$\sigma(s, \omega)$, is denoted by $[\sigma(s, \omega)]_X$.

The following definition combines the definitions of 
history* relative to a numeric time for CSTNs and STNUs. 

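Definition 27 (Drama History* for a CSTNU). Let
$S = (\mathcal{T}, P, L, \mathcal{OT}, \mathcal{O}, \mathcal{C}, \mathcal{L})$ be a CSTNU. Let $\sigma$ be an execution
strategy for $S$, $(s, \omega)$ some drama, and $t$ some real number.
Then the history* of $t$ for the drama $(s, \omega)$ and strategy $\sigma$,
denoted by $drHst(t, s, \omega, \sigma)$, is the pair $(\mathcal{H}_s, \mathcal{H}_\omega)$ where:

• $\mathcal{H}_s = \{(p, s(p)) \mid \mathcal{O}(p) \in \mathcal{T}_s^+ \text{ and } [\sigma(s, \omega)]_{\mathcal{O}(p)} < t\}$; and

• $\mathcal{H}_\omega = \{(A, C, [\sigma(s, \omega)]_C - [\sigma(s, \omega)]_A) \mid A, C \in \mathcal{T}_s^+,\
\exists x, y \text{ s.t. } (A, x, y, C) \in \mathcal{L},\ [\sigma(s, \omega)]_C < t\}$.

Note that $\mathcal{H}_s$ specifies the truth values of all propositions
that are observed prior to $t$ in the schedule $\sigma(s, \omega)$; and $\mathcal{H}_\omega$
specifies the durations of all contingent links that finish
executing prior to $t$ in that schedule.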

Definition 28 (Dynamic* Execution Strategy for a CSTNU).
An execution strategy, $\sigma$, for a CSTNU is called dynamic*
if for every pair of dramas, $(s_1, \omega_1)$ and $(s_2, \omega_2)$, and every
non-contingent time-point $X \in \mathcal{T}_{s_1}^+ \cap \mathcal{T}_{s_2}^+$:

if $drHst(t, s_1, \omega_1, \sigma) = drHst(t, s_2, \omega_2, \sigma)$,
where $t = [\sigma(s_1, \omega_1)]_X$,
then $[\sigma(s_1, \omega_1)]_X = [\sigma(s_2, \omega_2)]_X$.

Definition 29 (Dynamic Controllability for a CSTNU). A
CSTNU, $S$, is dynamically controllable if there exists an
execution strategy for $S$ that is both viable and dynamic*.

The following lemmas show that the above definition 
properly generalizes the dynamic consistency of a CSTN 
and the dynamic controllability of an STNU. 

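Lemma 6. Let $\mathcal{S} = \langle \mathcal{T}, \mathcal{C}, L, \mathcal{OT}, O, P \rangle$ be any CSTN.
Then $\mathcal{S}$ is dynamically consistent if and only if the CSTNU,
$\mathcal{S}_u = \langle \mathcal{T}, \mathcal{C}, L, \mathcal{OT}, O, P, \emptyset \rangle$, is dynamically controllable.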

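Proof. Let $\mathcal{S} = \langle \mathcal{T}, \mathcal{C}, L, \mathcal{OT}, O, P \rangle$ be any dynamically
consistent CSTN. Then $\mathcal{S}$ has an execution strategy, $\sigma : \mathcal{I} \to \Psi_{\mathcal{T}}$,
that is both viable and dynamic. By Lemma 5, $\sigma$ is also
dynamic*. In addition, since $\mathcal{S}$ is a CSTN, Lemma 4 ensures
that $\mathcal{S}_u = \langle \mathcal{T}, \mathcal{C}, L, \mathcal{OT}, O, P, \emptyset \rangle$ is a CSTNU. We must
show that $\mathcal{S}_u$ has an execution strategy, $\sigma_u : (\mathcal{I} \times \Omega) \to \Psi_{\mathcal{T}}$,
that is both viable and dynamic*. Note that since $\mathcal{S}_u$ has no
contingent links, $\Omega$ contains exactly one situation — the null
situation — which we shall denote by $\omega_\emptyset$.

Define $\sigma_u$ as follows. For any drama, $(s, \omega_\emptyset)$, let
$\sigma_u(s, \omega_\emptyset) = \sigma(s)$. Note that $\sigma_u$ is an execution strategy for
$\mathcal{S}_u$, since the domain of $\sigma(s)$ is guaranteed to be $\mathcal{T}_s^+$.

Since $\sigma$ is viable, for any scenario $s$, the schedule $\sigma(s)$
is a solution to the scenario projection, $scPrj(\mathcal{S}, s)$. However,
for any $s$, the schedules, $\sigma(s)$ and $\sigma_u(s, \omega_\emptyset)$, are defined
to be the same. Furthermore, since $\mathcal{S}_u$ has no contingent
links, it follows that for any $s$, the drama projection,
$drPrj(\mathcal{S}_u, s, \omega_\emptyset)$, is the same STN as $scPrj(\mathcal{S}, s)$ (cf.
Defns. 11 and 25). Thus, for any $s$, $\sigma_u(s, \omega_\emptyset)$ is necessarily a
solution to $drPrj(\mathcal{S}_u, s, \omega_\emptyset)$, whence $\sigma_u$ is viable.

To show that $\sigma_u$ is dynamic*, suppose $(s_1, \omega_\emptyset)$ and
$(s_2, \omega_\emptyset)$ are any dramas in $\mathcal{I} \times \Omega$, $X$ is a non-contingent
time-point in $\mathcal{T}_{s_1}^+ \cap \mathcal{T}_{s_2}^+$, $t = [\sigma_u(s_1, \omega_\emptyset)]_X$,
and $drHst^*(t, s_1, \omega_\emptyset, \sigma_u) = drHst^*(t, s_2, \omega_\emptyset, \sigma_u)$. Note
that $t = [\sigma_u(s_1, \omega_\emptyset)]_X = [\sigma(s_1)]_X$. Furthermore, since
there are no contingent links, $drHst^*(t, s_1, \omega_\emptyset, \sigma_u) =
drHst^*(t, s_2, \omega_\emptyset, \sigma_u)$ if and only if $scHst^*(t, s_1, \sigma) =
scHst^*(t, s_2, \sigma)$ (cf. Defns. 16 and 27). But then $\sigma$ being
dynamic* ensures that $[\sigma(s_1)]_X = [\sigma(s_2)]_X$ (cf. Defn. 17),
and hence $[\sigma_u(s_1, \omega_\emptyset)]_X = [\sigma_u(s_2, \omega_\emptyset)]_X$. □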
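
Lemma 7. Let $\mathcal{S} = \langle \mathcal{T}, \mathcal{C}, \mathcal{L} \rangle$ be any STNU. Then $\mathcal{S}$
is dynamically controllable if and only if the CSTNU,
$\langle \mathcal{T}, \mathcal{C}_{\boxdot}, L_{\boxdot}, \emptyset, \emptyset, \emptyset, \mathcal{L} \rangle$, is dynamically controllable.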

Proof. The proof is omitted for space reasons. It has the 
same general structure as the proof of Lemma 6. 



Figure 3: Basic constraint propagation in a CSTNU



Toward a DC-Checking Algorithm for CSTNUs 

This section addresses the problem of finding an algorithm
for determining the dynamic controllability of arbitrary
CSTNUs. Given that CSTNUs combine the features of
CSTPs and STNUs, one approach would be to combine existing
algorithms for determining the dynamic consistency
of CSTPs and the dynamic controllability of STNUs. However,
those algorithms employ very different techniques. For
example, in the CSTP algorithm, Tsamardinos et al. (2003)
first derive a related Disjunctive Temporal Problem (DTP),
and then solve it using a dedicated DTP solver that is optimized
by a variety of constraint-satisfaction heuristics. In
contrast, the fastest algorithm for determining whether arbitrary
STNUs are dynamically controllable is the $O(N^4)$-time
algorithm developed by Morris (2006), which is a
constraint-propagation algorithm that focuses on the reducing
away of lower-case edges in an STNU graph.

Another problem is that the CSTP algorithm uses exponential
space and time. Conrad and colleagues (Conrad
2010; Conrad and Williams 2011) developed the Drake system
for propagating labeled constraints in temporal networks
with choice.¹ The aim was to reduce the space required
to generate dispatchable plans, while accepting slight
increases in the time requirements. Although their choice
nodes are dramatically different from the observation nodes
in a CSTNU — because choice nodes are controlled by the
agent — their use of labeled value sets in constraint propagation
inspired our use of labels on the edges of a CSTNU.

Constraint Propagation for CSTNUs 

Consider the propagation of labeled constraints illustrated in
Fig. 3. Any dynamic execution strategy that observes the labeled
constraints from W to X, and from X to Y, must also
observe the derived constraint from W to Y. Notice that the
label on the derived constraint is the conjunction of the labels
on the original constraints. The proof that this propagation
rule is sound is omitted, due to space limitations.

Label Modification in a CSTNU 

Morris et al. (2001) showed that the presence of contingent 
links in an STNU requires new kinds of constraint propaga- 
tion when checking dynamic controllability. Those kinds of 
rules will also be needed for a CSTNU. However, in addi- 
tion, the presence of observation nodes requires new kinds 
of propagation rules. One such rule is presented below. 

Consider the CSTNU fragment in Fig. 4, where $0 < w$,
$v < w$, $\alpha$, $\beta$ and $\gamma$ are labels that do not share any propositional
letters, and $p$ is a propositional letter that does not appear
in $\alpha$, $\beta$ or $\gamma$. The time-point, $P?$, is the observation
time-point for $p$. Thus, when $P?$ executes, the value of $p$ becomes
known. The arrow from $P?$ to $X$ represents the labeled constraint,
$(X - P? \le -w, \alpha\beta)$. Thus, in scenarios where $\alpha\beta$
is true, $X + w \le P?$ must hold. Thus, in those scenarios,
$X$ must be executed before $p$ is observed. The arrow from
$X$ to $Y$ represents the constraint, $(Y - X \le v, \beta\gamma p)$. Thus,
in scenarios where $\beta\gamma p$ is true, $Y \le X + v$ must hold — in
which case, $Y$ must execute before the value of $p$ is known.

Figure 4: The context for label modification in a CSTNU

¹ In the earlier paper, they incorporated contingent links and
presented a preliminary extension of their dispatchability algorithm.

Lemma 8 (Label Modification Rule). If $\sigma$ is a dynamic execution
strategy that satisfies the labeled constraints in Fig. 4
in all scenarios where their labels are true, then $\sigma$ must
also satisfy the labeled constraint, $(Y - X \le v, \alpha\beta\gamma)$,
in all scenarios where $\alpha\beta\gamma$ is true. Moreover, the original
labeled constraint, $(Y - X \le v, \beta\gamma p)$, can be replaced
by the pair of labeled constraints, $(Y - X \le v, \alpha\beta\gamma)$ and
$(Y - X \le v, (\neg\alpha)\beta\gamma p)$.

Proof. Let $\sigma$ be as in the statement of the lemma. However,
suppose that there is some drama, $(s, \omega)$, such that: (1) the
label $\alpha\beta\gamma$ is true in scenario $s$; but (2) the schedule, $\sigma(s, \omega)$,
does not satisfy the constraint, $(Y - X \le v)$. Let $s_2$ be
the same scenario as $s$, except that the value of $p$ is flipped.
Now, by construction, in one of the scenarios, $s$ or $s_2$, the
label, $\alpha\beta\gamma p$, is true. Let $\hat{s}$ be that scenario, and $\sigma(\hat{s}, \omega)$ the
corresponding schedule. By construction, that schedule satisfies
both of the labeled constraints from Fig. 4, since their
labels are true in $\hat{s}$. Thus,

$[\sigma(\hat{s}, \omega)]_Y \le [\sigma(\hat{s}, \omega)]_X + v$, since $Y - X \le v$

$< [\sigma(\hat{s}, \omega)]_X + w$, since $v < w$

$\le P?$, since $X - P? \le -w$

Let $\tilde{s}$ be the scenario that is the same as $\hat{s}$, except that the
value of $p$ is flipped. Let $t$ be the first time at which the
schedules, $\sigma(\hat{s}, \omega)$ and $\sigma(\tilde{s}, \omega)$, differ. Thus, there must be
some time-point $T$ that is executed in one of the schedules
at time $t$, and in the other at some time later than $t$. But
in that case, the corresponding histories at time $t$ must be
different. But the only possible difference must involve the
value of the proposition $p$, since all other propositions and
contingent durations are identical in the dramas, $(\hat{s}, \omega)$ and
$(\tilde{s}, \omega)$. Thus, $P?$ must be executed before time $t$. Since $t$ is
the time of first difference in the schedules, it follows that
$P?$ is executed at the same time in each of these schedules.
Furthermore, since $X$ and $Y$ are both executed before $P?$
in $\sigma(\hat{s}, \omega)$, and hence before the time of first difference, it
follows that $X$ and $Y$ are also executed at those same times
in $\sigma(\tilde{s}, \omega)$. Thus, regardless of the value of $p$, the constraint
$Y - X \le v$ is satisfied, contradicting the choice of $(s, \omega)$.

For the second part, consider the following constraints:

• $C_1$: $(Y - X \le v, \beta\gamma p)$

• $C_2$: $(Y - X \le v, \alpha\beta\gamma)$

• $C_{1.1}$: $(Y - X \le v, \alpha\beta\gamma p)$

• $C_{1.2}$: $(Y - X \le v, (\neg\alpha)\beta\gamma p)$

$C_1$ is the constraint from $X$ to $Y$ shown in Fig. 4. $C_2$ is
the constraint derived in the first part of this proof. Now,
$C_1$ is equivalent to the pair of constraints, $C_{1.1}$ and $C_{1.2}$,
since $\beta\gamma p = (\alpha\beta\gamma p) \vee ((\neg\alpha)\beta\gamma p)$. Thus, the constraint set
$\{C_1, C_2\}$ is equivalent to the constraint set $\{C_{1.1}, C_{1.2}, C_2\}$.
However, since the label on $C_2$ is subsumed by the label on
$C_{1.1}$, the constraint $C_2$ dominates the constraint $C_{1.1}$. Thus,
the constraint set $\{C_1, C_2\}$ is equivalent to $\{C_{1.2}, C_2\}$. □

This and other label-modification rules are expected 
to play an important role in the dynamic controllability- 
checking algorithm that is a major goal of this work. 
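The two rules of this section can be exercised in a few lines of Python; this is an added example, not code from the paper. Labels are modelled as frozensets of literals, all function names are assumptions, and `negation_cover` goes beyond the lemma by splitting $(\neg\alpha)$ into disjoint conjunctive labels when $\alpha$ contains more than one literal.

```python
from itertools import product

def lit(s):
    """'p' -> ('p', True); '!p' -> ('p', False)."""
    return (s[1:], False) if s.startswith("!") else (s, True)

def label(*lits):
    return frozenset(lit(s) for s in lits)

def conj(*labels):
    """Conjunction of labels, or None if some letter occurs with both signs."""
    out = frozenset().union(*labels)
    return out if len({p for p, _ in out}) == len(out) else None

def propagate(e1, e2):
    """Fig. 3: (X - W <= u, a) and (Y - X <= v, b) give (Y - W <= u + v, ab)."""
    (u, a), (v, b) = e1, e2
    lab = conj(a, b)
    return None if lab is None else (u + v, lab)

def negation_cover(alpha):
    """Disjoint conjunctive labels that together are equivalent to (not alpha)."""
    cover, prefix = [], frozenset()
    for p, val in sorted(alpha):
        cover.append(prefix | {(p, not val)})
        prefix = prefix | {(p, val)}
    return cover

def label_modification(w, v, alpha, beta, gamma, p):
    """Lemma 8 for (X - P? <= -w, ab) and (Y - X <= v, bgp): the labeled
    constraints on Y - X <= v that replace the original one."""
    letters = [q for lab in (alpha, beta, gamma) for q, _ in lab]
    if not (0 < w and v < w) or p in letters or len(set(letters)) != len(letters):
        return None                                   # rule not applicable
    rest = conj(beta, gamma, label(p))
    return [(v, conj(alpha, beta, gamma))] + [(v, n | rest) for n in negation_cover(alpha)]

def active(labels, scenario):
    return any(all(scenario[q] == val for q, val in lab) for lab in labels)

def same_constraints(alpha, beta, gamma, p):
    """Truth-table check that {C1, C2} and the replacement set activate
    Y - X <= v in exactly the same scenarios."""
    new = [lab for _, lab in label_modification(2, 1, alpha, beta, gamma, p)]
    old = [conj(beta, gamma, label(p)), conj(alpha, beta, gamma)]
    letters = sorted({q for lab in old + new for q, _ in lab})
    return all(active(old, s) == active(new, s)
               for vals in product([True, False], repeat=len(letters))
               for s in [dict(zip(letters, vals))])
```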

Conclusions 

This paper presented a temporal network, called a CSTNU, 
that generalizes CSTPs and STNUs from the literature. The 
semantics of dynamic controllability for CSTNUs also gen- 
eralizes the related notions for CSTPs and STNUs. The mo- 
tivation for this work was to provide a framework for the 
temporal constraints underlying workflows for business and 
medical-treatment processes. In future work, we aim to show 
that any workflow is history-dependent controllable if and 
only if its underlying CSTNU is dynamically controllable. 